Appl.No. 09/738,807 

Amdt. dated 07/29/2005 

Reply to Office Action of 06/02/2006 

The Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 

Listing of Claims: 

1.-46. (cancelled) 

47. (currently amended): 

A method for secure in-band management of a network device that provides routing and 
forwarding services, the method comprising: 

transferring data between core data links and customer data links where the customer data 
links including Virtual Private Network (VPN) data links and non-VPN data links; 

dedicating one of the VPN data links to the transfer of management commands; 

configuring a virtual private network (VPN) for the network device; 

linking the dedicated VPN data link to a source of non VPN management commands; 

using the VPN to carry the non VPN transfer management commands from the source of
the non VPN management commands to the network device; and 

transferring management commands between the dedicated VPN data link and a router 
configuration management module. 

using the network device to forward the non VPN management commands to a 
management port of the network device through a VPN module.

48. (currently amended):

The method of claim 47 wherein transferring management commands between the dedicated 
VPN data link and a router configuration management module includes transferring 
management commands through a management port of the router configuration management 
module, the network device includes a routing and forwarding module and a management 
VPN module coupled to the routing and forwarding module. 

49. (previously presented): 

The method of claim 47 wherein the network device is one of a network switch, a network 
bridge, a network hub, and a network gateway. 

50. (previously presented): 

The method of claim 47 wherein the network device can perform one of Internet Protocol (IP) 
services, Multiprotocol Label Switching (MPLS) services, and Asynchronous Transfer Mode
(ATM) services. 

51. (currently amended): 

The method of claim 47 wherein the source of the non VPN management commands is one 
of a non VPN management device and a non VPN management function.

52. (currently amended): 

A network device that provides routing and forwarding services for a data network, services,
the network device comprising:

a routing and forwarding module to transfer data between core data links and customer
data links forward data received from the data network on an input data link to an output
data link in accordance with source and destination information contained in the data;
data, the customer data links including Virtual Private Network (VPN) data links and
non-VPN data links;

a router configuration management module to perform non VPN management operations 
for the network device; device according to received management traffic; and 

a management port coupled to the router configuration module to receive the non VPN 
management commands for the router configuration module; and 

a management VPN module coupled to the routing and forwarding module module, to
one of the VPN data links, and to the management perfe rVPN module, the management
VPN module to transfer management traffic between the router configuration
management module and the one of the VPN data links, provide non VPN management
commands to the management port from a virtual private network (VPN), wherein the
non VPN management commands are delivered to the routing and forwarding module.

a management port coupled to the router configuration module to receive the non-VPN
management commands for the router configuration module; and 

53. (previously presented):

The network device of claim 52 wherein the network device is one of a network switch, a 
network bridge, a network hub, and a network gateway.

54. (previously presented):

The network device of claim 52 wherein the network device can perform one of Internet 
Protocol (IP) services, Multiprotocol Label Switching (MPLS) services, and Asynchronous 
Transfer Mode (ATM) services. 

55. (currently amended):

The network device of claim 52 wherein the source of the non VPN management commands 
is one of a non VPN management device and a non VPN management function.

56. (currently amended): 

A network device that provides routing and forwarding services, the network device 
comprising: 

means for transferring data between core data links and customer data links where the 
customer data links including Virtual Private Network (VPN) data links and non-VPN
data links; 

means for dedicating one of the VPN data links to the transfer of management traffic; 

means for configuring a virtual private network (VPN) for the network device;

means for linking the dedicated VPN data link to a source of non VPN management 
commands; 

means for using the VPN to carry the non VPN transfer management commands from the
source of the non VPN management commands to the network device; and

means for transferring management commands between the dedicated VPN data link and
a router configuration management module.

means for using the network device to forward the non VPN management commands to a
management port of the network device through a VPN module.

57. (currently amended): 

The network device of claim 56 wherein the means for transferring management commands 
between the dedicated VPN data link and a router configuration management module 
includes means for transferring management commands through a management port of the 
router configuration management module, using the network device to forward the non VPN
management commands to a management port of the network device through a VPN module 
includes a routing and forwarding module and a management VPN module coupled to the 
routing and forwarding module. 

58. (previously presented): 

The network device of claim 56 wherein the network device is one of a network switch, a 
network bridge, a network hub, and a network gateway. 

59. (previously presented): 

The network device of claim 56 wherein the network device can perform one of Internet 
Protocol (IP) services, Multiprotocol Label Switching (MPLS) services, and Asynchronous
Transfer Mode (ATM) services.

60. (currently amended):

The network device of claim 56 wherein the source of the non VPN management commands 
is one of a non VPN management device and a non VPN management function.

61. (currently amended): 

A machine-readable medium providing instructions, which if executed by a processor, cause 
the processor to perform an operation comprising: 

transferring data between core data links and customer data links where the customer data 
links including Virtual Private Network (VPN) data links and non-VPN data links; 

dedicating one of the VPN data links to the transfer of management commands; 

configuring a virtual private network (VPN) for a network device; 

linking the dedicated VPN data link to a source of non VPN management commands; 

using the VPN to carry the non VPN transfer management commands from the source of
the non VPN management commands to the network device; and 

transferring management commands between the dedicated VPN data link and a router 
configuration management module. 

using the network device to forward the non VPN management commands to a 
management port of the network device through a VPN module.

62. (currently amended): 

The machine-readable medium of claim 61 wherein transferring management commands 
between the dedicated VPN data link and a router configuration management module
includes transferring management commands through a management port of the router
configuration management module, the network device includes a routing and forwarding
module and a management VPN module coupled to the routing and forwarding module.

63. (previously presented):

The machine-readable medium of claim 61 wherein the network device is one of a network 
switch, a network bridge, a network hub, and a network gateway. 

64. (previously presented): 

The machine-readable medium of claim 61, further providing instructions, which if executed
by the processor, further cause the processor to perform an operation comprising one of 
performing Internet Protocol (IP) services, performing Multiprotocol Label Switching 
(MPLS) services, and performing Asynchronous Transfer Mode (ATM) services. 

65. (currently amended): 

The machine-readable medium of claim 61 wherein the source of the non VPN management
commands is one of a non VPN management device and a non VPN management function.

66. (currently amended): 

A data network comprising: 

a plurality of network devices that provide routing and forwarding services for the data 
network; and network including transferring data between core data links and customer
data links, the customer data links including Virtual Private Network (VPN) data links
and non-VPN data links, a source of non VPN management commands transmitted to the
plurality of network devices using a virtual private network (VPN), wherein each of the
plurality of network devices includes:

a routing and forwarding module to transfer data between core data links and
customer data links forward data received from the data network on an input data link
to an output data link in accordance with source and destination information
contained in the data; 

a router configuration management module to perform non VPN management 
operations for the network device; device according to received management traffic; 
and 

a management port coupled to the router configuration module to receive non VPN 
management commands for the router configuration module; and 

a management VPN module coupled to the routing and forwarding module module,
to one of the VPN data links, and to the management pertr -VPN module, the 
management VPN module to transfer management traffic between the router 
configuration management module and the one of the VPN data links, provide non 
VPN management commands to the management port from the source of the non 
VPN management commands. 

67. (previously presented): 

The data network of claim 66 wherein each of the plurality of network devices is one of a 
network switch, a network bridge, a network hub, and a network gateway.

68. (previously presented):

The data network of claim 66 wherein the plurality of network devices can perform one of 
Internet Protocol (IP) services, Multiprotocol Label Switching (MPLS) services, and 
Asynchronous Transfer Mode (ATM) services. 

69. (currently amended): 

The data network of claim 66 wherein the source of the non VPN management commands is 
one of a non VPN management device and a non VPN management function.